Comparison Overview

Q: Between RITE AID company and Pepco Group company, which one has the best AI Cybersecurity Score ?

Pepco Group company demonstrates a stronger AI Cybersecurity Score compared to RITE AID company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between RITE AID company and Pepco Group company, which one has experienced more cyber incidents in the past ?

RITE AID company has historically faced a number of disclosed cyber incidents, whereas Pepco Group company has not reported any.

Q: Between RITE AID company and Pepco Group company, which one has experienced more cyber incidents this year ?

In the current year, Pepco Group company and RITE AID company have not reported any cyber incidents.

Q: Between RITE AID company and Pepco Group company, which one has experienced at least one ransomware attack ?

RITE AID company has confirmed experiencing a ransomware attack, while Pepco Group company has not reported such incidents publicly.

Q: Between RITE AID company and Pepco Group company, which one has experienced at least one data breach ?

RITE AID company has disclosed at least one data breach, while the other Pepco Group company has not reported such incidents publicly.

Q: Between RITE AID company and Pepco Group company, which one has experienced at least one targeted cyberattack ?

RITE AID company has reported targeted cyberattacks, while Pepco Group company has not reported such incidents publicly.

Q: Between RITE AID company and Pepco Group company, which one has experienced at least one vulnerability ?

Neither RITE AID company nor Pepco Group company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between RITE AID company and Pepco Group company, which one holds the most compliance certifications ?

Neither RITE AID nor Pepco Group holds any compliance certifications.

Q: Between RITE AID company and Pepco Group company, which one has the most subsidiaries ?

Neither RITE AID company nor Pepco Group company has publicly disclosed detailed information about the number of their subsidiaries.

RITE AID

1200 Intrepid Ave, None, Philadelphia, Pennsylvania, US, 19112

Last Update: 2025-11-27

View Profile

Between 600 and 649

http://www.riteaid.com/careers

Rite Aid is a full-service pharmacy committed to improving health outcomes. Rite Aid is defining the modern pharmacy by meeting customer needs with a wide range of solutions that offer convenience, including retail and delivery pharmacy, as well as services offered through our wholly owned subsidiary Bartell Drugs. Regional chain Bartell Drugs has supported the health and wellness needs in the Seattle area for more than 130 years. For more information, visit www.riteaid.com.

NAICS: 43

NAICS Definition: Retail Trade

Employees: 30,858

Subsidiaries: 0

12-month incidents

0

Known data breaches

6

Attack type number

3

View Profile

Pepco Group

Taper Studios, Unit B 120 Weston Street London, SE1 4GS, GB

Last Update: 2025-11-26

Between 750 and 799

http://www.pepcogroup.eu

Established in 2015, Pepco Group (WSE: PCO) is a Warsaw Stock Exchange listed operator of the market-leading retail businesses: Pepco, Poundland and Dealz Poland. These businesses provide great product range, value and convenience to over 60 million customers each month in Europe, trading from nearly 5,000 stores in 20 territories. A key competitive advantage for the company is Pepco Global Sourcing, its wholly-owned sourcing entity for clothing and general merchandise. By maintaining direct relations with over 375 suppliers, which represent over 750 factories, PGS is able to achieve significant benefits for the Group. Show more Show less

NAICS: 452

NAICS Definition:

Employees: 10,001

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

RITE AID

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

https://images.rankiteo.com/companyimages/pepkor-europe-limited.jpeg

Pepco Group

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Retail Industry Average (This Year)

No incidents recorded for RITE AID in 2025.

Incidents vs Retail Industry Average (This Year)

No incidents recorded for Pepco Group in 2025.

Incident History — RITE AID (X = Date, Y = Severity)

RITE AID cyber incidents detection timeline including parent company and subsidiaries

Incident History — Pepco Group (X = Date, Y = Severity)

Pepco Group cyber incidents detection timeline including parent company and subsidiaries

RITE AID

Incidents

Date Detected: 6/2024

Type:Cyber Attack

Attack Vector: Phishing

Blog: Blog

Date Detected: 5/2023

Type:Cyber Attack

Blog: Blog

Date Detected: 5/2023

Type:Ransomware

Attack Vector: Ransomware

Motivation: Financial Gain

Blog: Blog

Pepco Group

Incidents

No Incident

Pepco Group company demonstrates a stronger AI Cybersecurity Score compared to RITE AID company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

RITE AID company has historically faced a number of disclosed cyber incidents, whereas Pepco Group company has not reported any.

In the current year, Pepco Group company and RITE AID company have not reported any cyber incidents.

RITE AID company has confirmed experiencing a ransomware attack, while Pepco Group company has not reported such incidents publicly.

RITE AID company has disclosed at least one data breach, while the other Pepco Group company has not reported such incidents publicly.

RITE AID company has reported targeted cyberattacks, while Pepco Group company has not reported such incidents publicly.

Neither RITE AID company nor Pepco Group company has reported experiencing or disclosing vulnerabilities publicly.

Neither RITE AID nor Pepco Group holds any compliance certifications.

Neither company holds any compliance certifications.

Neither RITE AID company nor Pepco Group company has publicly disclosed detailed information about the number of their subsidiaries.

RITE AID company employs more people globally than Pepco Group company, reflecting its scale as a Retail.

Neither RITE AID nor Pepco Group holds SOC 2 Type 1 certification.

Neither RITE AID nor Pepco Group holds SOC 2 Type 2 certification.

Neither RITE AID nor Pepco Group holds ISO 27001 certification.

Neither RITE AID nor Pepco Group holds PCI DSS certification.

Neither RITE AID nor Pepco Group holds HIPAA certification.

Neither RITE AID nor Pepco Group holds GDPR certification.

Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss4

Base: 7.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss4

Base: 8.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss4

Base: 6.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss3

Base: 7.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss3

Base: 7.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

RITE AID

VS

Pepco Group

RITE AID

Pepco Group

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

Incidents vs Retail Industry Average (This Year)

Incident History — RITE AID (X = Date, Y = Severity)

Incident History — Pepco Group (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-66035

Risk Information

CVE-2025-66031

Risk Information

CVE-2025-66030

Risk Information

CVE-2025-64344

Risk Information

CVE-2025-64335

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

RITE AID

VS

Pepco Group

RITE AID

Pepco Group

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

Incidents vs Retail Industry Average (This Year)

Incident History — RITE AID (X = Date, Y = Severity)

Incident History — Pepco Group (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Cyber Attack RIT755072725

🔒 Incident : Cyber Attack RIT949072925

🔒 Incident : Ransomware RIT000071424

No Incident

FAQ

Between RITE AID company and Pepco Group company, which one has the best AI Cybersecurity Score ?

Between RITE AID company and Pepco Group company, which one has experienced more cyber incidents in the past ?

Between RITE AID company and Pepco Group company, which one has experienced more cyber incidents this year ?

Between RITE AID company and Pepco Group company, which one has experienced at least one ransomware attack ?

Between RITE AID company and Pepco Group company, which one has experienced at least one data breach ?

Between RITE AID company and Pepco Group company, which one has experienced at least one targeted cyberattack ?

Between RITE AID company and Pepco Group company, which one has experienced at least one vulnerability ?

Between RITE AID company and Pepco Group company, which one holds the most compliance certifications ?

Between RITE AID company and Pepco Group company, which one holds the fewest compliance certifications ?

Between RITE AID company and Pepco Group company, which one has the most subsidiaries ?

Between RITE AID company and Pepco Group company, which one has the largest number of employees ?

Between RITE AID and Pepco Group, which company holds both SOC 2 Type 1 certifications ?

Between RITE AID and Pepco Group, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — RITE AID or Pepco Group ?

Which company is PCI DSS compliant — RITE AID or Pepco Group ?

Between RITE AID and Pepco Group, which company complies with HIPAA regulations for healthcare data ?

Between RITE AID and Pepco Group, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-66035

Risk Information

CVE-2025-66031

Risk Information

CVE-2025-66030

Risk Information

CVE-2025-64344

Risk Information

CVE-2025-64335

Risk Information